Mitigating Risks Before A Cybersecurity Attack

Uncategorized
Written By

cybersecurityAs you are probably aware there is a higher probability of a cybersecurity attack in the near future. Therefore, I think it is prudent that you have some information on how you can be best prepared. 

A few things to consider:

  • Cash - if you have the ability to safely secure cash in your home, you may want to keep enough cash on hand to last several days.
  • Gas cars - Consider keeping cars on full. 
  • Email Security - if you send information through text or your free email account, assume the information is public. You should not send any information that includes your critical personal information (DOB, SSN, Account Numbers, etc). This is why we request that all clients use our sharefile portal when sending any files to us. While some of you may find this a bit inconvenient it is for your safety.
  • SMS fraud and spoofing - I recommend contacting your cell phone provider and inquiring how you can improve the security on your account. In particular, to verify that no one can request a SIM card on your behalf. Security of your cell phone is important since you should be using Multi-Factor Authentication / Two-Step Authentication for any online accounts that you can. 
  • Reboot your smartphone - The NSA (National Security Agency) recommends turning your phone off at least once a week. This is akin to rebooting your computer but for your smartphone. 
  • Use a VPN - You should certainly consider using a VPN whenever you're not on a secure network. Otherwise, your information is publicly available. If you’re using public Wi-Fi (Starbucks, hotels, airport, etc.) it is possible for someone to intercept your traffic. Two VPN services that I recommend are ProtonVPN - (click here)  - Another VPN option is ExpressVPN (Get 30 days free by clicking here) 
  • Use Good Passwords - By now, we all have so many passwords to the different accounts we use online that it can be nearly impossible to keep them organized or worse; we reuse the same password everywhere. Most of us have become part-time professionals at clicking the “reset password” button - a testament to how difficult it can be to keep passwords organized. Using a password manager (Roboform, LastPass, Enpass, Keeper, 1Password, etc..) can go a long way in both organizing your data and protecting your online accounts. Password generators are like storage lockers for your passwords - you can enter your username and password into the password manager, which is secured by one master password, and log in to access your account information at any time. Password protectors can also generate strong passwords for you and keep them securely stored.
  • Just Say No! - Scammers will often take on the disguise of authority figures or people in distress to emotionally jar the victim into a state of panic before instructing them to send money somewhere or give them access to their computer. If you receive a call from the police, IRS, or other authority figures from an institution, simply tell them you will call them back regarding the issue. If they are legit, they should have no problem with this. The IRS WILL NEVER call you without sending you written correspondence.
  • Backups - Always backup your data. Always, Always, Always. There are many cloud-based backup solutions that are great but it is also important to have an offline backup of your important data. 
  • Common Sense - Over 80% of scams are successful because they use social engineering to trick the user. This is the case in email scams, text message scams, phone call scams, and real-world scams. By hijacking norms and habits, scammers can trick an otherwise-intelligent person into giving up sensitive information that could leave them exposed to a cyber-attack.

You can use a couple of common-sense tests to reduce the effectiveness of these social engineering attacks:

  • Do I know this person/number/email address?
  • Does this person really need to know my account number/SSN/2-Factor Authentication code?
  • Am I absolutely confident that this person is a legitimate representative?
  • By giving out this information, am I granting this person access to any of my sensitive information or personal data?

Running through questions like these before taking action can stop a scam or cybersecurity attack before it starts.Running through questions like these before taking action can stop a scam or cybersecurity attack before it starts. No one can guarantee you that you will be 100 percent protected as malicious attackers are constantly evolving their techniques. Still being informed and having some level of understanding goes a long way. I hope you found this information to be helpful. If you have any questions, please let us know.

Contact Us For More Tips

If you have questions about cybersecurity and protecting yourself, please contact The Youngblood Group, LLC today. You can schedule an appointment to learn more.

Previous

Do You Understand Your EIDL Obligations?
Next

Independent Contractors And Taxes